blob: aa6fa7828dee61097bee9da3def9c1ebf30af8cf (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
|
#!/usr/bin/env gpgscm
;; Copyright (C) 2016 g10 Code GmbH
;;
;; This file is part of GnuPG.
;;
;; GnuPG is free software; you can redistribute it and/or modify
;; it under the terms of the GNU General Public License as published by
;; the Free Software Foundation; either version 3 of the License, or
;; (at your option) any later version.
;;
;; GnuPG is distributed in the hope that it will be useful,
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
;; GNU General Public License for more details.
;;
;; You should have received a copy of the GNU General Public License
;; along with this program; if not, see <http://www.gnu.org/licenses/>.
(load (in-srcdir "tests" "openpgp" "defs.scm"))
(setup-legacy-environment)
(define (check-for predicate lines message)
(unless (any predicate lines)
(fail message)))
(define (check-exported-key dump keyid)
(check-for (lambda (l)
(and (string-prefix? l " keyid: ")
(string-suffix? l keyid))) dump
"Keyid not found")
(check-for (lambda (l) (string-prefix? l ":user ID packet:")) dump
"User ID packet not found")
(check-for (lambda (l)
(and (string-prefix? l ":signature packet:")
(string-contains? l "keyid")
(string-suffix? l keyid))) dump
"Signature packet not found"))
(define (check-exported-public-key packet-dump keyid)
(let ((dump (string-split-newlines packet-dump)))
(check-for (lambda (l) (string-prefix? l ":public key packet:")) dump
"Public key packet not found")
(check-exported-key dump keyid)))
(define (check-exported-private-key packet-dump keyid)
(let ((dump (string-split-newlines packet-dump)))
(check-for (lambda (l) (string-prefix? l ":secret key packet:")) dump
"Secret key packet not found")
(check-exported-key dump keyid)))
(lettmp
;; Prepare two temporary files for communication with the fake
;; pinentry program.
(logfile ppfile)
(define (prepare-passphrases . passphrases)
(call-with-output-file ppfile
(lambda (port)
(for-each (lambda (passphrase)
(display passphrase port)
(display #\newline port)) passphrases))))
(define CONFIRM "fake-entry being started to CONFIRM the weak phrase")
(define (assert-passphrases-consumed)
(call-with-input-file ppfile
(lambda (port)
(unless
(eof-object? (peek-char port))
(fail (string-append
"Expected all passphrases to be consumed, but found: "
(read-all port)))))))
(setenv "PINENTRY_USER_DATA"
(string-append "--logfile=" logfile " --passphrasefile=" ppfile) #t)
(for-each-p
"Checking key export"
(lambda (keyid)
(tr:do
(tr:pipe-do
(pipe:gpg `(--export ,keyid))
(pipe:gpg '(--list-packets)))
(tr:call-with-content check-exported-public-key keyid))
(if (string=? "D74C5F22" keyid)
;; Key D74C5F22 is protected by a passphrase. Prepare this
;; one. Currently, GnuPG does not ask for an export passphrase
;; in this case.
(prepare-passphrases usrpass1))
(tr:do
(tr:pipe-do
(pipe:gpg `(--export-secret-keys ,keyid))
(pipe:gpg '(--list-packets)))
(tr:call-with-content check-exported-private-key keyid))
(assert-passphrases-consumed))
'("D74C5F22" "C40FDECF" "ECABF51D")))
|